The apps in question that the report advises to delete are YohooTalk, Privee Talk, MeetMe, Nidus, GlowChat, Let's Chat, Quick Chat, Rafaqat, Chit Chat, Hello Chat, and Wave Chat.
It is worth noting that six of these applications were available on the Google Play Store, and a remote access Trojan (RAT) called Vajra Spy is at the heart of these applications' spying activities, according to Digitartlends.
A chat application causes serious damage
“It steals contacts, files, call logs and SMS, but some of its apps can even extract WhatsApp and Signal messages, record phone calls and take camera photos,” the ESET findings report says.
This wouldn't be the first time Vajra Spy has raised alarm, as in 2022, Broadcom also listed it as a variant of a Remote Access Trojan (RAT) that leverages Google Cloud Storage to collect stolen data from Android users.
The apparent goal of VajraSpy is to collect information from the infected device and capture user data, such as text messages, WhatsApp and Signal conversations, call logs, among other things. These apps, most of which masquerade as chat apps, used romance-matched social engineering attacks to lure targets.
In 2023, Scroll reported on how cross-border spies are using honey traps to lure scientists into extracting sensitive information via so-called romance scams. The FBI even issued an alert about digital romance scams, while a White House staffer lost more than half a million dollars in one These traps.
In the latest case of VajraSpy deployment, the apps were able to extract contact details, messages, list of installed apps, call logs and local files in different formats like pdf, doc, jpeg, mp3 etc. Those with advanced functionality are enforced using a phone number, but by doing so, they can also intercept messages. On secure platforms like WhatsApp and Signal.
Apart from recording real-time text exchanges, these apps can intercept notifications, record phone calls, record keystrokes, take pictures with the camera without the victim knowing about it, and take control of the microphone to record audio, again the latter is not surprising.